Everyone hates email spam. It is annoying and wastes time, takes up disk space and can slow down the network. And despite the increasingly advanced efforts by the companies that make money from combating spam, it continues to grow at a startling rate. From June 2005 to June 2009, the amount of email spam more than quadrupled.

Money is, of course, the driver of spammers, who are mostly sales people looking to sell products and services. Email is a cheap way to get a message to millions of people: even if most of them do not even read it, the few who do respond make the spammers' efforts profitable. To keep sending out their messages, spammers have had to develop a few tricks to bypass spam filters.

Trick one: Botnets and zombies

Spammers use "botnets": collections of computer systems, or 'zombies', which are all linked to a common control structure. These zombies can be instructed to send out spam, phishing, viruses and other malware.

Because IP addresses guilty of sending out too much spam get a 'bad reputation', spammers need to limit the number of spam messages sent out by each zombie. In a botnet attack, for example, each zombie could send out 1000 messages, and with around 10 000 zombies in a botnet, a total of 10 million messages can be sent out at once, without compromising the reputation of a specific IP address.

Trick two: Borrowing a good reputation

As mentioned, analysing the reputation of the Sender IP address is a common method used by spam filters to block spam. To counteract this defence, spammers 'borrow' IP addresses with a good or neutral reputation. They either create email accounts with internet service providers (ISPs) all around the world, or buy access to a hacked email server and exploit the reputation of the company whose server has been hacked.

Trick three: Getting around authentication

Authentication involves establishing whether an email really is from the domain it says it is. Organisations need to publish a Sender Policy Framework (SPF) record, which tells email receivers that a given IP address is allowed to send email for a given domain. With strict setup of an SPF record, no third-party services can send out email on the company's behalf.

Despite the fact that many companies set up authentication, they often leave the option open for other IP addresses to send email, providing a loophole for spammers.
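As an added example (not part of the original article), the following Python sketch audits an SPF record for the kind of loophole described above: a record whose final `all` term does not resolve to fail, or that authorises a very broad address range. The function name `audit_spf`, the `min_prefix` threshold of /16 and the sample records are assumptions made for illustration; the qualifier meanings follow RFC 7208.

```python
import ipaddress

# Qualifier prefix -> result when the mechanism matches (RFC 7208).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def audit_spf(record, min_prefix=16):
    """Return findings for one SPF TXT record; an empty list means strict."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record (missing v=spf1)"]
    findings, default = [], None
    for term in terms[1:]:
        low = term.lower()
        if low.startswith("redirect="):
            default = "redirect"      # policy lives in another record
            continue
        qualifier, mech = ("+", low)  # "+" is implied when no prefix is given
        if low[0] in QUALIFIERS:
            qualifier, mech = low[0], low[1:]
        if mech == "all":
            default = QUALIFIERS[qualifier]
            break                     # terms after "all" are never evaluated
        if mech.startswith("ip4:"):
            try:
                net = ipaddress.ip_network(mech[4:], strict=False)
            except ValueError:
                findings.append(f"malformed term: {term}")
                continue
            if net.prefixlen < min_prefix:  # threshold is an assumption
                findings.append(f"very broad range authorised: {term}")
    if default is None:
        findings.append("no 'all' term: unlisted senders get neutral, not fail")
    elif default == "redirect":
        findings.append("policy delegated by redirect=; audit the target record")
    elif default != "fail":
        findings.append(f"'all' resolves to {default}: unlisted senders are not rejected")
    return findings

# Constructed sample records (documentation address ranges, not real domains).
SAMPLES = {
    "strict": "v=spf1 ip4:192.0.2.0/24 -all",
    "softfail": "v=spf1 ip4:192.0.2.0/24 include:_spf.example.net ~all",
    "open": "v=spf1 +all",
    "no_all": "v=spf1 ip4:198.51.100.7",
    "broad": "v=spf1 ip4:0.0.0.0/0 -all",
}

if __name__ == "__main__":
    for name, rec in SAMPLES.items():
        print(name, audit_spf(rec) or "ok")
```

Only the record ending in `-all` with a narrow range comes back clean; the others leave room for addresses the organisation never listed.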

Spammers can also set up a domain name of their own to authenticate properly and send spam from it.

Trick four: Word salad

Spam filters evaluate the words in an email message and group them into 'good' and 'bad' words, bad ones being the ones typically found in spam emails. The term "word salad" refers to the spammer's trick, whereby extra 'good' words are added to an email message (those typically not associated with spam). The spam filter will pick up more good words than bad words, and decide that the message is 'good'.
